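0) die ("Sorry, you cannot post web addresses with http:// in them. Please try again."); return $newval; } }

// Tell-a-friend handler: issues a form-check cookie, validates the posted form
// against it, then e-mails a link to the chosen catalog item or page.
//
// NOTE(review): rand() is not a cryptographic generator and the range yields at
// most 1,000,000 distinct tokens, so this value only deters blind automated
// posts. The cookie is also set without the Secure/HttpOnly flags. Where the
// runtime offers a CSPRNG, derive the token from that instead.
if (!isset($_COOKIE['formxcpt'])) {
    $rndfrmval = substr(md5(rand(000000,999999)), 0, 8);
    setcookie ("formxcpt", $rndfrmval, "0", "/", "", 0);
}
else
    $rndfrmval = $_COOKIE['formxcpt'];
?> Email 0) $formaccept = "no";
// NOTE(review): the beginning of the statement above is not visible in this listing.

// COMES FROM BROWSER?
// The User-Agent header is client-supplied, so this filters only the crudest scripts.
if (!isset($_SERVER['HTTP_USER_AGENT'])) $formaccept = "no";

// POST REQUEST?
// The method is compared directly: `!` binds tighter than `==`, so writing
// !$method == "POST" negates the string first and can never reject a request.
if ($_SERVER['REQUEST_METHOD'] !== "POST") $formaccept = "no";

// Form-check token: both copies must be present and identical. Presence is
// tested first so a missing field is never read, and the comparison is strict
// so numeric-looking strings are not compared as numbers.
// NOTE(review): cookie and hidden field both come from the client; the check
// is not bound to any server-side state.
if (empty($_COOKIE['formxcpt']) OR empty($_POST['form_xcpt']) OR $_POST['form_xcpt'] !== $_COOKIE['formxcpt']) $formaccept = "no";

// DIE IF FORM CANNOT BE PROCESSED
if ($formaccept == "no") die ("Cannot process form. Please note that we utilize a form check cookie for security reasons, but do not store cookies with personal data. Please make sure cookies are enabled on your browser and try again.");

// Every field passes through stripbadstuff() and pullspam(), both defined
// outside this listing.
// NOTE(review): header safety (no CR/LF in the addresses), SQL safety and HTML
// safety further down all rest on those helpers - confirm what they strip.
$strfromname = pullspam(stripbadstuff($_POST['fromname']), "header", "strip", "yes");
$to_name = pullspam(stripbadstuff($_POST['toname']), "header", "strip", "yes");
$from_email = pullspam(stripbadstuff($_POST['fromemail']), "header", "strip", "yes");
$to_email = pullspam(stripbadstuff($_POST['toemail']), "header", "strip", "yes");
$item = pullspam(stripbadstuff($_POST['item']), "header", "strip", "yes");
$page = pullspam(stripbadstuff($_POST['page']), "header", "strip", "yes");
$chk_var = pullspam(stripbadstuff($_POST['checkvar']), "header", "strip", "yes");
// "@" is rewritten in the message body before the body filter runs.
$messg = pullspam(str_replace("@", " at ", stripbadstuff($_POST['message'])), "body", "strip", "yes");

// Fall back to a generic sender label when no name was given.
if (!$strfromname) $strfromname = "A friend at " .$from_email;
if ($to_name) {
    $strtoname = stripslashes($to_name);
    $entry = ", $strtoname";
    $to_name = "$strtoname at ";
}

// Both addresses and at least one of item/page are required.
if (!$from_email OR !$to_email OR (!$item AND !$page)) die ("

Sorry, but we did not receive all of your information. Please go back and try again.

");
else {
    // Check for domain emails
    // Only verifies that something follows the first "@"; this is not full
    // address validation.
    $fromemailcheck = explode("@", $from_email);
    $toemailcheck = explode("@", $to_email);
    if (empty($fromemailcheck[1]) OR empty($toemailcheck[1])) die ("

Sorry, but your email address was not formed correctly. Please try again.

");
    // Rejects when either domain part occurs anywhere inside $varrow[2], which
    // is set outside this listing.
    else if (substr_count($varrow[2], $fromemailcheck[1]) > 0 OR substr_count($varrow[2], $toemailcheck[1]) > 0) die ("

Sorry, but messages cannot be sent from this domain. Please try again.

");
    else {
        // NOTE(review): $item and $emailpage are interpolated into the SQL text.
        // Unless the helpers above already escape them, escape or bind them (or
        // cast the ID to an integer) before building the query. The mysql_* API
        // used here was removed in PHP 7.
        if ($item) {
            $itemquery = "SELECT Item FROM " .$DB_Prefix ."_items WHERE ID='$item'";
            $itemresult = mysql_query($itemquery, $dblink) or die ("Unable to select your item. Try again later.");
            $itemrow = mysql_fetch_row($itemresult);
            $urlname = stripslashes($itemrow[0]);
            $urladdress = $urldir ."/" .$Catalog_Page ."?item=" .$item;
        }
        else if ($page) {
            // Drop the page extension to get the stored page name.
            $emailpage = str_replace(".$pageext", "", $page);
            $pagequery = "SELECT PageTitle FROM " .$DB_Prefix ."_pages WHERE PageName='$emailpage'";
            if ($dir) $pagequery .= " AND PageType='additional'";
            $pageresult = mysql_query($pagequery, $dblink) or die ("Unable to select your page. Try again later.");
            $pagerow = mysql_fetch_row($pageresult);
            $urlname = stripslashes($pagerow[0]);
            if ($dir) $urladdress = $urldir ."/" .$dir ."/" .$page;
            else $urladdress = $urldir ."/" .$page;
        }

        // NOTE(review): $fromname, $fromemail and $toemail are not assigned in
        // the visible code (the filtered values are $strfromname, $from_email
        // and $to_email). Confirm they are not filled from raw request data,
        // e.g. by register_globals, before they reach mail() or the page output.
        if ($messg) $addl = "\r\n\r\n$fromname also included this message:\r\n$messg";
        else $addl = "";

        // NOTE(review): nothing visible here limits how many messages one
        // client can send to arbitrary recipients; consider throttling.
        mail($to_email, "Check This Out", "Hello$entry. $strfromname was viewing $Site_Name and thought you would be interested in this page: $urlname $urladdress$addl", "From: $from_email\r\nReply-To: $from_email");

        // The copy checkbox may be absent from the request, so test for it first.
        if (isset($_POST['copy']) AND $_POST['copy'] == "Yes") {
            mail("$fromemail", "Check This Out (copy)", "The following message was sent to $to_name$toemail: ------------------------------------------- $strfromname was viewing $Site_Name and thought you would be interested in this item: $urlname $urladdress$addl", "From: $from_email\r\nReply-To: $from_email");
        }

        // Confirmation shown to the sender.
        echo "

You just sent the following page information to $to_name$toemail:

";
        echo "

";
        echo "$urlname
$urladdress

";
        echo "

";
        echo "Close Window

";
    }
}
} else { ?>
Your Name:
Your Email*:
Send To Name:
Send To Email*:
Click here to receive a copy of this email:
Your Message:
* Required fields
"; if ($page) echo ""; if ($dir) echo ""; echo ""; if (!empty($rndfrmval) AND ctype_alnum($rndfrmval)) echo ""; ?>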